Error Decrypting JWE
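New to JWE decryption. I have a server that performs the JWE and sends it to the client, based on a key shared between the server and the client.
I am using Jose4j for decryption and getting this error:
java.lang.NullPointerException: The plaintext payload for the JWE has not been set.
I am using the sample code shown in the link, receiver part:
https://bitbucket.org/b_c/jose4j/wiki/JWE%20Examples
I don't have any knowledge of the server and am just writing the client. I am confused whether the payload itself is not arriving or whether the framework is trying to decrypt.
I appreciate any pointers for debugging the issue.
Regards,
Aravind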
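That particular exception is only thrown from the getCompactSerialization() method when the payload has not been set. getCompactSerialization() is the last step in creating a JWE on the sending/encrypting side. You shouldn't be calling it if you are decrypting. Maybe you have an accidental call to it somewhere? Otherwise, the code you are using and an example raw JWE value might help troubleshoot the problem (and the keys, if it is just a test and you can share them).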
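The situation described in the answer above, as an added example (not code from the question, the answers, or the jose4j project): a constructed JWE is decrypted the correct way, then the sender-side getCompactSerialization() is called on a receiver object. The class and method names, the key and the payload are constructed for illustration; it assumes a jose4j release that has ConstraintType.PERMIT (older releases name it WHITELIST).

```java
import java.security.Key;
import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers;
import org.jose4j.jwe.JsonWebEncryption;
import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers;
import org.jose4j.keys.AesKey;
import org.jose4j.lang.ByteUtil;
import org.jose4j.lang.JoseException;

public class JweReceiverDemo { // hypothetical class, not part of jose4j
    static final String ALG = KeyManagementAlgorithmIdentifiers.DIRECT;
    static final String ENC = ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256;

    // Sender side: the only place where getCompactSerialization() belongs.
    static String produce(Key key, String payload) throws JoseException {
        JsonWebEncryption jwe = new JsonWebEncryption();
        jwe.setPayload(payload);
        jwe.setAlgorithmHeaderValue(ALG);
        jwe.setEncryptionMethodHeaderParameter(ENC);
        jwe.setKey(key);
        return jwe.getCompactSerialization();
    }

    // Receiver side: parse the received value and accept only the expected algorithms.
    static JsonWebEncryption receiver(Key key, String compactJwe) throws JoseException {
        JsonWebEncryption jwe = new JsonWebEncryption();
        jwe.setAlgorithmConstraints(new AlgorithmConstraints(ConstraintType.PERMIT, ALG));
        jwe.setContentEncryptionAlgorithmConstraints(new AlgorithmConstraints(ConstraintType.PERMIT, ENC));
        jwe.setCompactSerialization(compactJwe);
        jwe.setKey(key);
        return jwe;
    }

    public static void main(String[] args) throws JoseException {
        Key key = new AesKey(ByteUtil.randomBytes(32)); // constructed 256-bit test key
        String compact = produce(key, "constructed test payload");
        // Correct: getPlaintextString() performs the decryption.
        System.out.println("plaintext: " + receiver(key, compact).getPlaintextString());
        try {
            // Mistake: a sender-side call on a receiver object that has no plaintext set.
            receiver(key, compact).getCompactSerialization();
        } catch (NullPointerException e) {
            System.out.println("NPE as in the question: " + e.getMessage());
        }
    }
}
```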
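JWE requires 2 levels of decryption before getting the plain text payload.
First is JWE to JWS.
Then from JWS to JWT, after verifying the signature. The code below will do that.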
import org.jose4j.jwe.JsonWebEncryption;
import org.jose4j.jws.JsonWebSignature;

// `result` (the received compact JWE) and `secretKeySpec` (the shared key) are supplied by the caller.

// That other party, the receiver, can then use JsonWebEncryption to decrypt the message.
JsonWebEncryption receiverJwe = new JsonWebEncryption();
// Set the compact serialization on the new JsonWebEncryption object.
// This is the received JWE payload.
receiverJwe.setCompactSerialization(result.toString());
// Symmetric encryption, like we are doing here, requires that both parties have the same key.
// The key will have had to have been securely exchanged out-of-band somehow.
receiverJwe.setKey(secretKeySpec);
// Set the "alg" header, which indicates the key management mode for this JWE.
// In this example we are using the direct key management mode, which means
// the given key will be used directly as the content encryption key.
// (Left commented out: when decrypting, alg and enc are read from the received JWE header.)
//receiverJwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.DIRECT);
//receiverJwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256);
// Get the message that was encrypted in the JWE. This step performs the actual decryption steps.
String jwsPayload = receiverJwe.getPlaintextString();
// And do whatever you need to do with the clear text message.
System.out.println("plaintext: " + jwsPayload);

// Create a new JsonWebSignature object for the inner JWS.
JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization(jwsPayload);
jws.setKey(secretKeySpec);
boolean signatureVerified = jws.verifySignature();
// Do something useful with the result of signature verification
System.out.println("JWS Signature is valid: " + signatureVerified);
// Get the payload, or signed content, from the JWS
String payload = jws.getPayload();
// Do something useful with the content
System.out.println("JWS payload: " + payload);